Microsoft Offers 60-Day ActiveX Reprieve

Microsoft has acknowledged that a planned update to the way Internet Explorer renders multimedia on Web pages could cause some serious problems, and promised to give developers an extra two months to modify their pages to ensure a smooth transition. The company was forced to make the changes in response to a patent dispute with Eolas Technologies. The fix would affect the way ActiveX controls are displayed on Web pages, according to experts. If no changes were made, a user would have to ‘activate’ an ActiveX or Java control before it would be usable. More on IE here.

Windows Vista, if it is ‘secure’ will disable access to active X completely, at least I hope it will

Isn’t activeX the main conduit between Internet Explorer and getting your windows box own3d ? spyware would have a hard time owning windows boxes if activeX was put where it should be, in the recycle bin.

That user purposely installed all those apps and search bars. Probably for the purpose of spreading the FUD. It is NOT possible for them to install themselves without user interaction, so sorry, I don’t buy it one bit.

Which is the problem right there. The average user isn’t SMART ENOUGH or WILLING TO LEARN the proper response when presented with the classic “Run this ____” box. Hell, I know people I consider smart enough who STILL make the wrong choice there 99.99% of the time – it’s bad browsing habits borne of apathy, ignorance, and just plain wishful thinking.

I have seen it, all those bars and the pop-ups that go with them. I make money from these poor saps, but when they come knocking on my door for the second, third, and fourth time, I stop explaining to them that they have to learn to be careful and learn how to use their computers. It goes in one ear and out the other.

None the less, ActiveX is still a lame technology and should be done away with. I don’t feel like telling you all the reasons behind its lameness in this post, but you are welcome to use Google to do all the research you want on the subject.

The fix would affect the way ActiveX controls are displayed on Web pages…

I think ActiveX is insecure by design and shouldn’t be trusted. ActiveX objects contain actual executable code which IE can download and execute, possibly without the user’s knowledge. There are lots of safeguards to avoid abuse, but obviously it is being abused anyway.

The safe thing is to not allow ActiveX to have control. The easiest way to do that is to never use IE.

It’s not like every ActiveX control ever made is some malicious application. I’ve used a lot that come in handy. Unfortunately it’s been abused to the point where everyone thinks you can’t make anything helpful with it.

It’s not like every ActiveX control ever made is some malicious application.

True, but as you further point out, it’s been abused.

Even Microsoft references “malicious code” in an increasingly common attack where a page filled with several ActiveX controls tries to frustrate you into always trusting the publisher—after which malicious code is delivered in the last control.